Ask the Experts

Ask the Experts

• DoubleAgent malware could turn antivirus tools into attack vector

  DoubleAgent malware is a proof of concept for a zero-day vulnerability that can turn antivirus tools into attack vectors. Expert Nick Lewis explains how to contain the threat.  Continue Reading

• How does the MajikPOS malware evade detection?

  A new POS malware downloads a RAM scraper to avoid detection. Expert Nick Lewis explains the tricks MajikPOS uses to target retail terminals and how to defend against it.  Continue Reading

• Why is the patched Apache Struts vulnerability still being exploited?

  An Apache Struts vulnerability is still being exploited, even though it has already been patched. Expert Nick Lewis explains why the Struts platform still carries risk for users.  Continue Reading

• Stopping EternalBlue: Can the next Windows 10 update help?

  The upcoming Windows update, Redstone 3, will patch the vulnerability that enables EternalBlue exploits. Expert Judith Myerson discusses protection methods to use until the update.  Continue Reading

• How does CrashOverride malware threaten industrial control systems?

  CrashOverride malware targets industrial control systems and can wreak havoc. Expert Judith Myerson explains the capabilities of the malware and what to do to stop it.  Continue Reading

• Is upgrading to SNMP v3 enough to secure network devices?

  Using SNMP v3 is a good first step, but it's not enough to prevent attackers from accessing a network through an SNMP-enabled device. Expert Judith Myerson explains what else to do.  Continue Reading

• What is the best way to secure telematics information?

  SMS authentication is often used to secure telematics information, but it may not be strong enough. Expert Judith Myerson discusses why, and how to improve the protection of this data.  Continue Reading

• How can VMware vulnerabilities in vSphere expose credentials?

  Two VMware vulnerabilities in vSphere Data Protection were recently patched. Expert Judith Myerson explains how the flaws work and how to defend against them.  Continue Reading

• How did sensitive data from file-sharing website Docs.com get leaked?

  Many users of the file-sharing website Docs.com were unaware that the sensitive data they uploaded was searchable. Expert Michael Cobb explains how this data leak happened.  Continue Reading

• Libpurple flaw: How does it affect connected IM clients?

  The libpurple library contains a code execution vulnerability that affects the IM clients that were developed using it. Expert Michael Cobb explains how the flaw works.  Continue Reading

• What tools can bypass Google's CAPTCHA challenges?

  The ReBreakCaptcha exploit can bypass Google's reCAPTCHA verification system using flaws in Google's own API. Expert Michael Cobb explains how the attack works.  Continue Reading

• How did a Moodle security vulnerability enable remote code execution?

  A series of logic flaws in Moodle enabled attackers to remotely execute code on servers. Expert Michael Cobb explains how the Moodle security vulnerability can be exploited.  Continue Reading

• How did flaws in WhatsApp and Telegram enable account takeovers?

  Flaws in WhatsApp and Telegram, popular messaging services, enable attackers to break encryption and take over accounts. Expert Michael Cobb explains how the attacks work.  Continue Reading

• Could the WannaCry decryptor work on other ransomware strains?

  Researchers created WannaCry decryptor tools after the outbreak of the ransomware. Expert Matthew Pascucci explains how the tools work and if they work on other ransomware.  Continue Reading

• How is the Samba vulnerability different from EternalBlue?

  A recently discovered Samba vulnerability bears a striking resemblance to the notorious Windows exploit EternalBlue. Expert Matthew Pascucci compares the two vulnerabilities.  Continue Reading